By default, HAProxy resolves all DNS records (e.g. for backends) at startup/reload. These resolved DNS records are then saved in HAProxy’s own DNS cache for the duration of the program run. So you would have to reload HAProxy to renew the DNS cache.

The problem with caching is that ELB’s(Elastic Load Balancer) IPs are changed all the time.

frontend app-api
    bind *:9000
    mode tcp
    default_backend nlb_a
    
resolvers aws_resolver
  nameserver dns 169.254.169.253:53
  resolve_retries 3
  timeout retry   2s
  hold valid      60s

backend nlb_a
  mode tcp
  server-template nlb-a 3 nlb-12345-67890.elb.eu-west-1.elb.amazonaws.com check inter 2s resolvers aws_resolver

By setting the internal “hold” cache to 60 seconds, you can limit the number of DNS lookups until the cache expires; latest after 62 seconds a new DNS lookup should therefore happen.

With resolvers and server-template configuration, it will create 3 servers in a backend with the IP addresses from ELB, and they will be resolved every 30s.

NB: The following configuration above will derive 3 IPs from the DNS name provided, even if it resolves it to just 2 IPs, a third entry will be created in HAProxy. Also, this will work only in HAProxy version 1.6 or above.

In order to enable the Amazon-provided DNS server (169.253.169.253:53) inside your VPC, you will need to enable VPC DNS Support. If you are running HAProxy inside Classic-EC2 instance, the DNS resolver is provided by DHCP, and never be changed. You need to use 172.16.0.23:53 instead.


Starting with HAProxy version 1.8 there is even an advanced possibility called “Service Discovery over DNS” which uses DNS SRV Records. These records contain multiple response fields such as priorities, weights, etc. which can be parsed by HAProxy and update the backends accordingly.

Further information:

Speak with an expert on our team to discuss Cloud solutions tailored to your business.

You’ll receive free recommendations tailored to your business.